On Thu, Jan 08, 2004 at 06:41:09PM -0500, Meng Weng Wong wrote:
| On Thu, Jan 08, 2004 at 06:37:24PM -0500, Philip Gladstone wrote:
| | I just realized that, while I have an SPF record for
| | gladstonefamily.net, there is nothing to stop somebody from sending mail
| | from foo.gladstonefamily.net as the sending domain. This particular
| | domain does not exist. Alternatively, somebody could use a name that
| | does exist in my domain.
| |
| | What should I do? Does every single entry in the domain need an SPF
| | record, including a wildcard? This could be a configuration nightmare.
|
| You only need SPF accompaniment for entries that have A or MX records.
|
| In an ideal world, you'd only need them for MX entries, but the
| "implicit-MX" rule has been grandfathered for so long that it's still
| possible for a spammer to joe-job your laptop.
|
Hmm. Maybe we can get around this by saying that if a domain has A but
no MX, we can produce an implicit SPF record that is just "v=spf1 a -all".
thoughts?
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡